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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED {35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )[X] Responsive to communication(s) filed on 12 April 2004 . 
2a)Q This action is FINAL. 2b)IEl This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) KI Claim(s) 7-79 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) G3 Claim(s) 1-19 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)13 The drawing(s) filed on 12 April 2004 is/are: a)E3 accepted or b)Q objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)IEI Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
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1 Certified copies of the priority documents have been received. 

2-D Certified copies of the priority documents have been received in Application No. . 

3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. The IDS of 1/07/2005, 10/13/2005 & 09/05/2006 were received and considered. 

2. Claims 1-19 are pending. 



Priority 

3. Receipt is acknowledged of papers submitted under 35 U.S.C. 119(a)-(d), which papers 
have been placed of record in the file. 

Claim Objections 

4. Claim 11 is objected to because of the following informalities: "if there exists no 
decoding information in the authenticating the device operation" should be replaced with "if 
there exists no decoding information during the authenticating the device operation". 
Appropriate correction is required. The limitation is read as such for the purposes of further 
prosecution. 

Claim Rejections - 35 U5C § 112 

5. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

6. Claims 4, 6-9, 12 & 14-19 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 
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a. Regarding claims 4, 6-9, 12 & 14-17, the limitation "the network" is recited in 
numerous places, but lacks sufficient antecedent basis. For the purposes of this action, 
the limitation "the network" in the above claims is read as "a network". It is noted that 
claims 9, 15 & 17 recite "the network", however, assuming the recitation in claims 8, 12 
& 16, respectively, are changed to "a network" or amended correctly in another manner, 
claims 9, 15 & 17 may be left unamended. 

b. Regarding claim 18, the limitation "the network" (line 2) lacks sufficient 
antecedent basis. For the purposes of this action, the limitation "and the network is a 
home network" is not considered. 

c. Regarding claim 19, the limitation "the network" (line 2) lacks sufficient 
antecedent basis. For the purposes of this action, the limitation "and the network is a 
home network" is not considered. 

d. Note that any claims rejected under 35 U.S.C. §112 and also rejected or objected 
to below are rejected or objected to below as best understood in light of the 
indefiniteness described above. 



Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application 
for patent by another filed in the United States before the invention by the applicant for patent, except that an 
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international application filed under the treaty defined in section 351(a) shall have the effects for purposes of 
this subsection of an application filed in the United States only if the international application designated the 
United States and was published under Article 21(2) of such treaty in the English language. 

8. Claims 1-2 & 18 are rejected under 35 U.S.C. 102(e) as being anticipated by U.S. Patent 
6,826,690 to Hind et al. (Hind). 

Regarding claim 1, Hind discloses a device authentication system, comprising a device 
(client, col. 17, lines 31-34) having device information including coding information for 
authentication (device certificate, col. 10, lines 26-29, col. 17, line 41 & Fig. 3) and information 
(contents of issuer field, Fig. 3, #305 & col. 18, lines 12-16) on a service provider providing 
authentication services (certificate authority system including registry, col. 18, lines 12-16) and 
a gateway (server, col. 17, lines 54-55) including decoding information corresponding to the 
coding information of the device (public key of the certificate authority decrypts to the device 
certificate, col. 18, lines 10-16), and authenticating the device by using the decoding 
information (CA public key is used to verify the device certificate, col. 18, lines 10-20). 

Regarding claim 2, Hind discloses wherein the service provider provides the decoding 
information (CA provides public key via registry, col. 18, lines 12-15), and wherein, if there 
exists no decoding information in the gateway (regardless), the gateway requests the decoding 
information (public key) from the service provider (certificate authority registry, col. 18, lines 
12-15). 

Regarding claim 18, as best understood, the device (client) is a home device (personal 
computer, col. 7, lines 9-10). 
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Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made! 

10. Claims 3-7 (as applied to claim 1 above), 10-15 & 19 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Hind, in further view of U.S. Patent Application Publication 
2001/0048744 to Kimura. 

Regarding claim 3, Hind discloses an input/output unit into which the device information 
including the coding information and the information on the service provider is input (an 
inherent feature of the gateway (server), as both the coding information, i.e. the device 
certificate, and the information on the service provider, i.e. the information in the issuer field of 
the certificate, are input from the client, see col. 10, lines 26-29, col. 17, line 41 & col. 18, lines 
12-20) and a device process unit (inherent part of the gateway (Hind's server)) for obtaining the 
decoding information (public key is received from registry at the server, see col. 18, lines 10- 
20), authenticating the device by using the decoding information (public key of the CA) and the 
coding information (device certificate, see col. 18, lines 10-20). These limitations are inherent 
device limitations of the gateway (Hind's server) as Hind's server performs the operations 
performed by the claimed device. However, Hind lacks selecting a display for displaying an 
authentication result and an application process unit for generating an authentication request 
screen requesting a user to approve or reject the authentication result. However, Kimura 
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teaches a system where a client (MT) attempts to connect to a gateway (access point 18, H38), 
an authentication procedure is performed (1W39-40), a display is selected for displaying an 
authentication result (if authentication is performed successfully, H40, the authentication 
request display means 16 is notified, 1142) and an authentication request screen is generated 
requesting a user to approve or to reject the authentication result (display means 16 notifies 
the network-administering user of the authentication-requesting MT, H42). This procedure is 
performed to prevent terminals from intruding from outside of a closed section, last lines of 
H16) to improve security (H17). Therefore, it would have been obvious to one having ordinary 
skill in the art at the time the invention was made to modify Hind's server (gateway) with the 
functionality of Kimura's access point and as such to include a device process unit (server) that 
further selects a display for displaying the authentication result and to further include in the 
server an application process unit for generating an authentication request screen (notification 
of authentication request sent to administering user's display) requesting a user (administrator) 
to approve or to reject the authentication result. One of ordinary skill in the art would have 
been motivated to perform such a modification to prevent terminals from intruding from 
outside of a closed section (see last lines of 1116) to improve security (1117), as taught by 
Kimura. 

Regarding claim 4, Hind, as modified above by Kimura, teaches wherein the 
input/output unit (server in Hind, access point in Kimura) outputs the authentication request 
screen to the display (display means notifies administrator, Kimura, H42) and the device 
process unit (server) controls the input/output unit (server) to set or not to set the device to 
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the network (send an authentication response, Kimura, 1143) based on a response of the user to 
the authentication result through the authentication request screen (Kimura, 1143). As stated 
above, this modification of Hind's server in accordance with the functionality of Kimura's access 
point is obvious over Hind to prevent terminals from intruding from outside of a closed section 
(Kimura, see last lines of H16) to improve security (Kimura, H17), as taught by Kimura. 

Regarding claim 5, Hind, as modified above by Kimura, teaches wherein the display 
(display means 16) externally display (displays to the user) the authentication result (request, 
Kimura, H42). Kimura further teaches a user input unit (authentication input means, Kimura, 
Fig. 1, #15 & H32) for inputting a selection command of the user in a response to the 
authentication result (Kimura, H42). Therefore, it would have been obvious to one having 
ordinary skill in the art at the time the invention was made to modify Hind's server to employ a 
user input means, in accordance with Kimura's invention. One of ordinary skill in the art would 
have been motivated to perform such a modification to prevent terminals from intruding from 
outside of a closed section (Kimura, see last lines of H16) to improve security (Kimura, 1117), as 
taught by Kimura. 

Regarding claim 6, Hind, as modified above by Kimura, discloses wherein the device 
process unit (server) controls the input/output unit (server) to set or not to set the device to 
the network (send an authentication response, Kimura, D43) in correspondence to the selection 
command inputted from the user input unit (Kimura, HH42-43). As stated above, this 
modification of Hind's server in accordance with the functionality of Kimura's access point is 
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obvious over Hind to prevent terminals from intruding from outside of a closed section (Kimura, 
see last lines of 1116) to improve security (Kimura ; 1117), as taught by Kimura. 

Regarding claim 7, Hind lacks cutting off the device from the network if the user's 
approval is not inputted for a predetermined period of time. However, Kimura discloses setting 
a wait timer and rejecting a connection to a server if a network administering user has not 
approved a connection within a predetermined amount of time (H42, 1)46 & 1152). Therefore, it 
would have been obvious to one having ordinary skill in the art at the time the invention was 
made to modify the server of Hind such that a device is cut off from the network (connection 
request is rejected) if the user's approval is not inputted for a predetermined period of time. 
One of ordinary skill in the art would have been motivated to perform such a modification to 
prevent terminals from intruding from outside of a closed section (Kimura, see last lines of H16) 
to improve security (Kimura, H17), as taught by Kimura. 

Regarding claim 10, Hind discloses inputting device information including coding 
information for authentication (device certificate, col. 10, lines 26-29, col. 17, line 41 & Fig. 3) 
and information (contents of issuer field, Fig. 3, #305 & col. 18, lines 12-16) on a service 
provider providing authentication services (certificate authority system including registry, col. 
18, lines 12-16) and authenticating the device (CA public key is used to verify the device 
certificate, col. 18, lines 10-20) by using previously stored decoding information (public key 
obtained) corresponding to the coding information of the device (public key of the certificate 
authority decrypts to the device certificate, col. 18, lines 10-16), but lacks selecting a display for 
displaying an authentication result and an generating an authentication request screen 
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requesting a user's approval with respect to the authentication result. However, Kimura 
teaches a system where a client (MT) attempts to connect to a gateway (access point 18, H38), 
an authentication procedure is performed (111)39-40), a display is selected for displaying an 
authentication result (if authentication is performed successfully, H40, the authentication 
request display means 16 is notified, H42) and an authentication request screen is generated 
requesting a user to approve or to reject the authentication result (display means 16 notifies 
the network-administering user of the authentication-requesting MT, H42). This procedure is 
performed to prevent terminals from intruding from outside of a closed section, last lines of 
H16) to improve security (1117). Therefore, it would have been obvious to one having ordinary 
skill in the art at the time the invention was made to modify Hind with the functionality of 
Kimura's access point and as such to select a display for displaying the authentication result 
(selecting the administrator's display, Fig. 1, #15 to display the notification, H42) and to further 
generate an authentication request screen (notification of authentication request sent to 
administering user's display) requesting a user's (administrator's) approval with respect to the 
authentication result (requesting an administering user to authorize the connection). One of 
ordinary skill in the art would have been motivated to perform such a modification to prevent 
terminals from intruding from outside of a closed section (see last lines of 1116) to improve 
security (1117), as taught by Kimura. 

Regarding claim 11, Hind discloses requesting the decoding information (CA public key) 
from the service provider (CA via registry, col. 18, lines 12-15) by using information on the 
service provider (contents of issuer field, Fig. 3, #305 & col. 18, lines 12-16), if there exists no 
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decoding information in the gateway (regardless), the gateway requests the decoding 
information (public key) from the service provider (certificate authority registry, col. 18, lines 
12-15). 

Regarding claim 12, Hind, as modified above by Kimura, teaches outputting the 
authentication request screen to the display (notification of authentication request sent to 
administering user's display 16, Kimura H42) and setting the device to or cutting off the device 
from the network depending on the response of the user to the authentication result through 
the authentication request screen (allowing or rejecting the association procedure which starts 
with the authentication response message, Kimura HH43-44). 

Regarding claim 13, Hind, as modified above by Kimura, teaches externally displaying 
the authentication result (displays to the user the authentication notification (i.e. request to the 
user), Kimura, H42) and inputting a selection command of the user in response to the 
authentication result in correspondence to the displayed authentication result (user sends an 
authentication-authorizing input in response to the notification, H43). 

Regarding claim 14, Hind, as modified above by Kimura, teaches wherein the device is 
set to or cut off from the network in correspondence to the selection command of the user in 
the inputting the selection command operation (allowing or rejecting the association procedure 
is determined by the authentication-authorization input, Kimura 1M43-44). 

Regarding claim 15, Hind lacks wherein the operation of setting the device or cutting off 
the device from the network cuts off the device form the network if the user's approval is not 
inputted for a predetermined period of time. However, Kimura discloses setting a wait timer 
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and rejecting a connection to a server if a network administering user has not approved a 
connection within a predetermined amount of time (1142, H46 & H52). Therefore, it would have 
been obvious to one having ordinary skill in the art at the time the invention was made to 
modify the server of Hind such that a device is cut off from the network (connection request is 
rejected) if the user's approval is not inputted for a predetermined period of time. One of 
ordinary skill in the art would have been motivated to perform such a modification to prevent 
terminals from intruding from outside of a closed section (Kimura, see last lines of H16) to 
improve security (Kimura, H17), as taught by Kimura. 

Regarding claim 19, Hind, as best understood, the device (client) is a home device 
(personal computer, col. 7, lines 9-10). 

Allowable Subject Matter 

11. Claims 8-9 & 16-17 are objected to as being dependent upon a rejected base claim, but 
would be allowable if rewritten in independent form including all of the limitations of the base 
claim and any intervening claims and any rejections under 35 U.S.C. §112 or objections to the 
claims made above are overcome. 

e. Regarding claim 8 (and 9 by dependence), the prior art of record fails to teach or 
disclose, either alone or in combination, a selection unit for selecting the display for the 
authentication result of the authentication process unit based on the device information 
on the device that is previously stored, in combination with the other elements of the 
claims. 
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f. 



Regarding claim 16 (and 17 by dependence), the prior art of record fails to teach 



or disclose, either alone or in combination, selecting a display for the authentication 
result based on the device information of the device connected to the network, in 
combination with the other elements of the claims. 

Conclusion 

12. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

g. U.S. Patent Application Publication 2003/0126243 to Kudo et al. is cited for 
teaching a gateway device that receives an address notification message (last 7 lines of 
H31), selects a display to display a connection request (displays connection notification 
on the gateway and displays a request for acknowledgement to another device 
connected, last few lines of H31), generates an authentication request screen requesting 
a user to approve or to reject the authentication result (sends request for 
acknowledgement to network device 200b, 1M31-32). The system has the benefit of 
preventing the unexpected connection of a device to the network (116). 

h. U.S. Patent 6,938,154 to Berson et al. is cited for teaching devices being 
manufactured with a public key pair, where a manufacturer's certificate is created (col. 



5). 



i. 



U.S. Patent 6,131,120 to Reid is cited for teaching checking a certificate (X.509) 



at a gateway to authenticate a device to a WAN (col. 9). 
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j. U.S. Patent 6,751,729 to Giniger et al. is cited for teaching a manufacturer's 
certificate used to certify a device (for authentication). 

k. U.S. Patent Application Publication 2003/0021413 to Kiiveri et al. is cited for 
teaching the authentication of a device internally using multiple certificates (111133-47). 
I. U.S. Patent 6,185,688 to Greaves et al. is cited for teaching a timeout in 
authentication approval (col. 1). 

m. "Security Issues in Networked Appliances and Home Gateways" by Neil Pittsley 
et al. is cited for teaching prior art home network security methods. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Michael J. Simitoski whose telephone number is (571) 272- 
3841. The examiner can normally be reached on Monday - Thursday, 6:45 a.m. - 4:15 p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571) 272-3811. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

September 17, 2007 

Michael J. Simitoski 
/Michael J. Simitoski/ 



